/*
 * package com.ledi.guns.core.intercept;
 * import javax.servlet.http.HttpSession;
 * import org.aspectj.lang.ProceedingJoinPoint;
 * import org.aspectj.lang.annotation.Around;
 * import org.aspectj.lang.annotation.Aspect;
 * import org.aspectj.lang.annotation.Pointcut;
 * import org.slf4j.Logger;
 * import org.slf4j.LoggerFactory;
 * import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 * import org.springframework.stereotype.Component;
 * import com.ledi.guns.common.exception.AppCheckException;
 * import com.ledi.guns.core.base.controller.BaseController;
 * import com.ledi.guns.core.util.SystemConstans;
 *//**
 * 恶意请求拦截器
 *
 * @author 钟小平
 */
/*
 * @Aspect
 * @Component
 * @ConditionalOnProperty(prefix = "guns", name = "session-open", havingValue = "true")
 * public class MaliciousRequestInterceptor extends BaseController {
 * private final static Logger logger = LoggerFactory.getLogger(MaliciousRequestInterceptor.class);
 * private Boolean allRequest = false; // 拦截所有请求,否则拦截相同请求
 * private Long minRequestIntervalTime = 3000L; // 允许的最小请求间隔
 * private Integer maxMaliciousTimes = 1; // 允许的最大恶意请求次数
 * @Pointcut("execution(* com.ledi.guns.modular.ledipay.controller.*.*(..))")
 * public void cutService() {
 * }
 * @Around("cutService()")
 * public Object sessionTimeoutValidate(ProceedingJoinPoint point) throws Throwable {
 * HttpSession session = super.getHttpServletRequest().getSession();
 * String preRequest = (String) session.getAttribute(SystemConstans.PREREQUEST);
 * Long preRequestTime = (Long) session.getAttribute(SystemConstans.PREREQUEST_TIME);
 * String url = super.getHttpServletRequest().getServletPath();
 * if (preRequestTime != null && preRequest != null) { // 过滤频繁操作
 * if ((url.equals(preRequest) || allRequest)
 * && System.currentTimeMillis() - preRequestTime < minRequestIntervalTime) {
 * Integer maliciousRequestTimes = (Integer) session.getAttribute(SystemConstans.MALICIOUS_REQUEST_TIMES);
 * if (maliciousRequestTimes == null) {
 * maliciousRequestTimes = 1;
 * } else {
 * maliciousRequestTimes++;
 * }
 * session.setAttribute(SystemConstans.MALICIOUS_REQUEST_TIMES, maliciousRequestTimes);
 * if (maliciousRequestTimes > maxMaliciousTimes) {
 * logger.warn("To intercept a malicious request : {}", url);
 * throw new AppCheckException("system.session.malicious.code", "system.session.malicious.message");
 * }
 * } else {
 * session.setAttribute(SystemConstans.MALICIOUS_REQUEST_TIMES, 0);
 * }
 * }
 * session.setAttribute(SystemConstans.PREREQUEST, url);
 * session.setAttribute(SystemConstans.PREREQUEST_TIME, System.currentTimeMillis());
 * return point.proceed();
 * }
 * public void setAllRequest(Boolean allRequest) {
 * this.allRequest = allRequest;
 * }
 * public void setMinRequestIntervalTime(Long minRequestIntervalTime) {
 * this.minRequestIntervalTime = minRequestIntervalTime;
 * }
 * public void setMaxMaliciousTimes(Integer maxMaliciousTimes) {
 * this.maxMaliciousTimes = maxMaliciousTimes;
 * }
 * }
 */
